As you may be aware, late last week a vulnerability in TLS, which may have also been referred to as an HTTPS vulnerability, was disclosed to the public (http://extendedsubset.com/Renegotiating_TLS.pdf). As with most high profile vulnerability releases, there has been a lot of incorrect assumptions made about this issue and the impact. This post will hopefully help combat the unnecessary fear and chaos.
Read more...